Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

ON THIS PAGE

Junos OS Release Notes for PTX Series Packet Transport Routers

 

These release notes accompany Junos OS Release 20.1R3 for the PTX Series. They describe new and changed features, limitations, and known and resolved problems in the hardware and software.

You can also find these release notes on the Juniper Networks Junos OS Documentation webpage, located at https://www.juniper.net/documentation/product/en_US/junos-os.

What's New

Learn about new features introduced in the Junos OS main and maintenance releases for PTX Series.

What’s New in 20.1R3

There are no new features or enhancements to existing features for PTX Series routers in Junos OS Release 20.1R3.

What’s New in 20.1R2

There are no new features or enhancements to existing features for PTX Series routers in Junos OS Release 20.1R2.

What’s New in 20.1R1

Interfaces and Chassis

  • Handling thermal health events (PTX5000)—Starting in Junos OS Release 20.1R1, on PTX5000 routers, you can enable a thermal health check and configure an action (such as auto shutdown and alarm) to be taken when a thermal health event such as power leakage is detected. You can also configure the power supply module (PSM) watchdog to shut down the PSM output power in case a thermal health event causes Junos to go down.

    Note

    The PSM watchdog feature works only if all the online PSMs in the router support this feature.

    [See Handling Thermal Health Events Using Thermal Health Check and PSM Watchdog]

  • Support for new show | display set CLI commands (ACX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 20.1R1, the following new show commands have been introduced:

    • show | display set explicit—Display explicitly, as a series of commands, all the configurations that the system internally creates when you configure certain statements from the top level of the hierarchy.

    • show | display set relative explicit—Display explicitly, as a series of commands, all the configurations that the system internally creates when you configure certain statements from the current hierarchy level.

    [See show | display set and show | display set relative.]

Junos OS XML API and Scripting

  • The jcs:load-configuration template supports loading the rescue configuration (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—Starting in Junos OS Release 20.1R1, the jcs:load-configuration template supports the rescue parameter to load and commit the rescue configuration on a device. SLAX and XSLT scripts can call the jcs:load-configuration template with the rescue parameter set to "rescue" to replace the active configuration with the rescue configuration.

    [See Changing the Configuration Using SLAX and XSLT Scripts and jcs:load-configuration Template.]

Junos Telemetry Interface

  • IS-IS adjacency and LSDB event streaming support on JTI (MX960, PTX1000, and PTX10000)—Junos OS Release 20.1R1 provides IS-IS adjacency and link-state database (LSDB) statistics using Junos telemetry interface (JTI) and remote procedure call (gRPC) services or gRPC Network Management Interface (gNMI) services. ON_CHANGE statistics are sent to an outside collector.

    The following resource paths are supported:

    • /network-instances/network-instance/protocols/protocol/isis/interfaces/interfaces/circuit-counters/state/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/interfaces/interface/levels/level/packet-counters/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/system-level-counters/state/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/interfaces/interfaces/levels/level/adjacencies/adjacency/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-ipv4-reachability/prefixes/prefix/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-ipv4-reachability/prefixes/prefix/subtlvs/subtlv/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv6-reachability/prefixes/prefix/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv6-reachability/prefixes/prefix/subtlvs/subtlv/ (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-is-reachability/neighbors/neighbors/subTLVs/subTLVs/adjacency-sid/sid/state/ (ON-CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/extended-is-reachability/neighbors/neighbors/subTLVs/subTLVs/lan-adjacency-sid/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv4-interfaces-addresses/state/ (ON_CHANGE))

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv4-srlg/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv4-te-router-id/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/ipv6-interfaces-addresses/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/router-capabilities/router-capability/subtlvs/subtlv/segment-routing-capability/state/ (ON_CHANGE)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/state (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/area-address/state/address (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/nlpid/state/nlpid (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/lsp-buffer-size/state/size (stream)

    • /network-instances/network-instance/protocols/protocol/isis/levels/level/link-state-database/lsp/tlvs/tlv/hostname/state/hname (stream)

    [See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).]

  • Platform, interface, and alarm sensor ON_CHANGE support on JTI (MX960, MX2020, PTX1000, PTX5000)—Junos OS Release 20.1R1 supports platform, interface, and alarm statistics using Junos telemetry interface (JTI) and gRPC Network Management Interface (gNMI) services. You can use this feature to send ON_CHANGE statistics for a device to an outside collector.

    This feature supports the OpenConfig models:

    • openconfig-platform.yang: oc-ext:openconfig-version 0.12.1

    • openconfig-interfaces.yang: oc-ext:openconfig-version 2.4.1

    • openconfig-alarms.yang: oc-ext:openconfig-version 0.3.1

    Use the following resource paths in a gNMI subscription:

    • /components/component (for each installed FRU)

    • /interfaces/interface/state/

    • /interfaces/interface/subinterfaces/subinterface/state/

    • /alarms/alarm/

    [See Guidelines for gRPC Sensors (Junos Telemetry Interface).]

  • gRPC Dial-Out support on JTI (ACX Series, MX Series, PTX Series, and QFX Series)—Junos OS Release 20.1R1 provides remote procedure call (gRPC) dial-out support for telemetry. In this method, the target device (server) initiates a gRPC session with the collector (client) and, when the session is established, streams the telemetry data that is specified by the sensor-group subscription to the collector. This is in contrast to the gRPC network management interface (gNMI) dial-in method, in which the collector initiates a connection to the target device.

    gRPC dial-out provides several benefits as compared to gRPC dial-in, including simplifying access to the target advice and reducing the exposure of target devices to threats outside of their topology.

    To enable export of statistics, include the export-profile and sensor statements at the [edit services analytics] hierarchy level. The export profile must include the reporting rate, the transport service (for example, gRPC), and the format (for example, gbp-gnmi). The sensor configuration should include the name of the collector (the server’s name), the name of the export profile, and the resource path. An example of a resource path is /interfaces/interface[name='fxp0'.

    [See Using gRPC Dial-Out for Secure Telemetry Collection.]

  • gRPC version v1.18.0 with JTI (ACX Series, MX Series, PTX Series, and QFX Series)—Junos OS Release 20.1R1 includes support for remote procedure call (gRPC) services version v1.18.0 with Junos telemetry interface (JTI). This version includes important enhancements for gRPC. In earlier releases, JTI is supported with gRPC version v1.3.0.

    Use gRPC in combination with JTI to stream statistics at configurable intervals from a device to an outside collector.

    [See gRPC Services for Junos Telemetry Interface.]

  • LLDP statistics, notifications, and configuration model for suppress-tlv-advertisement support on JTI (MX240, MX480, MX960, MX10003, PTX10008, PTX10016)—Junos OS Release 20.1R1 provides remote procedure call (gRPC) streaming services support for attribute leaf suppress-tlv-advertisement under the resource path /lldp/state/suppress-tlv-advertisement. The following TLVs are supported, which in turn support operational state, notifications, and configuration change support:

    • port-description

    • system-name

    • system-description

    • system-capabilities

    • management-address

    • port-id-type

    [See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface).]

  • SR-TE statistics for uncolored SR-TE policies streaming on JTI (MX Series, PTX Series)—Junos OS Release 20.1R1 provides segment routing traffic engineering (SR-TE) per label-switched Path (LSP) route statistics using Junos telemetry interface (JTI) and remote procedure call (gRPC) services. Using JTI and gRPC services, you can stream SR-TE telemetry statistics for uncolored SR-TE policies to an outside collector.

    Ingress statistics include statistics for all traffic steered by means of an SR-TE LSP. Transit statistics include statistics for traffic to the Binding-SID (BSID) of the SR-TE policy.

    To enable these statistics, include the per-source per-segment-list statement at the [edit protocols source-packet-routing telemetry statistics] hierarchy level.

    If you issue the set protocols source-packet-routing telemetry statistics no-ingress command, ingress sensors are not created.

    If you issue the set protocols source-packet-routing telemetry statistics no-transit command, transit sensors are not created. Otherwise, if BSID is configured for a tunnel, transit statistics are created.

    The following resource paths (sensors) are supported:

    • /junos/services/segment-routing/traffic-engineering/tunnel/lsp/ingress/usage/

    • /junos/services/segment-routing/traffic-engineering/tunnel/lsp/transit/usage/

    To provision the sensor to export data through gRPC services, use the telemetrySubscribe RPC.

    Streaming telemetry data through gRPC or gNMI also requires the OpenConfig for Junos OS module.

    [See Guidelines for gRPC and gNMI Sensors (Junos Telemetry Interface, source-packet-routing, and show spring-traffic-engineering lsp detail name name.]

Routing Protocols

  • Support for topology-independent loop-free alternate (TI-LFA) in IS-IS for IPv6-only networks (ACX Series, MX Series, and PTX Series)— Starting with Junos OS Release 20.1R1, you can configure TI-LFA with segment routing in an IPv6-only network for the IS-IS protocol. TI-LFA provides MPLS fast reroute (FRR) backup paths corresponding to the post-convergence path for a given failure. TI-LFA provides protection against link failure, and node failure.

    You can enable TI-LFA for IS-IS by configuring the use-post-convergence-lfa statement at the [edit protocols isis backup-spf-options] hierarchy level. You can enable the creation of post-convergence backup paths for a given IPv6 interface by configuring the post-convergence-lfa statement at the [edit protocols isis interface interface-name level level] hierarchy level. The post-convergence-lfa statement enables link-protection mode.

    You can enable node-protection mode for a given interface at the [edit protocols isis interface interface-name level level post-convergence-lfa] hierarchy level. However, you cannot configure fate-sharing protection for IPv6-only networks.

    [See Understanding Topology-Independent Loop-Free Alternate with Segment Routing for IS-IS.]

MPLS

  • Support for segment routing over RSVP forwarding adjacency (MX Series and PTX Series)—Starting with Junos OS Release 20.1R1, we provide support for segment routing traffic to be carried over RSVP LSPs that are advertised as forwarding adjacencies in IS-IS. This feature is implemented in a network having LDP on the edge and RSVP in the core where you can easily replace LDP with IS-IS segment routing because it eliminates the need for MPLS signaling protocols such as LDP. This helps to remove a protocol from the network and results in network simplification.

    [See Understanding Segment Routing over RSVP Forwarding Adjacency in IS-IS.]

  • CoS-based forwarding and policy-based routing to steer selective traffic over an SR-TE path (ACX Series, MX Series, and PTX Series)—Starting in Junos OS Release 20.1R1, you can use CoS-based forwarding (CBF) and policy-based routing (PBR, also known as filter-based forwarding or FBF) to steer service traffic using a particular segment routing-traffic-engineered (SR-TE) path. This feature is supported only on non-colored segment routing LSPs that have the next hop configured as a first hop label or an IP address.

    With CBF and PBR, you can:

    • Choose an SR-TE path on the basis of service.

    • Choose the supporting services to resolve over the selected SR-TE path.

    [See Example: Configuring CoS-Based Forwarding and Policy-Based Routing For SR-TE LSPs.]

Network Management and Monitoring

  • Remote port mirroring to an IP address (GRE encapsulation) (PTX Series)—You use port mirroring to send traffic to applications that analyze traffic to monitor compliance, enforce policies, detect intrusions, and so on. Starting in Junos OS Release 20.1R1, you can configure remote port mirroring to send sampled packets to a remote IP address, with the packets encapsulated in a GRE header.

    • Configure remote port mirroring to send sampled packets to a remote IP address, with the packets encapsulated in an IPv4 GRE header:

      set forwarding-options port-mirroring instance instance-name output ip-source-address address ip-destination-address address

    • (Optional) Configure a static traffic-class value that represents the 8-bit differentiated services (DS) field in the IPv4 header of a GRE tunnel. You can program 6 of the 8 bits, so the value that you can configure under DSCP can be 0-63 (2^0 to 2^6).

      set forwarding-options port-mirroring instance instance-name output dscp numeric-dscp-value

    • (Optional) Configure a policer to police the mirrored traffic that is going out of that interface:

      set forwarding-options port-mirroring instance instance-name output policer policer-name

    • (Optional) Configure the forwarding of packets to a queue defined by a forwarding class:

      set forwarding-options port-mirroring instance instance-name output forwarding-class forwarding-class-name

    [See instance (Port Mirroring) and traffic-class (Tunnels).]

  • On-box monitoring support on the control plane (MX Series and PTX Series)—Starting in Junos OS Release 20.1R1, you can configure on-box monitoring to monitor anomalies with respect to the memory utilization of Junos OS applications and the overall system in the control plane of MX Series and PTX Series routers.

    You can use on-box monitoring to monitor system-level memory and process-level memory to detect possible leaks. When the system is running low on memory, the process heuristic shares the prediction and you can configure the action to be taken when leaks are identified.

    See memory (system)

System Management

  • Restrict option under NTP configuration is now visible (ACX Series, QFX Series, MX Series, PTX Series, and SRX Series)—Starting in Junos OS Release 20.1R1, the noquery command under the restrict hierarchy is now available and can be configured with a mask address. The noquery command is used to restrict ntpq and ntpdc queries coming from hosts and subnets.

    [See Configuring NTP Access Restrictions for a Specific Address.]

What's Changed

See what changed in this release for PTX Series routers.

What’s Changed in 20.1R3 Release

Junos XML API and Scripting

  • The jcs:invoke() function supports suppression of root login and logout events in system log files for SLAX commit scripts (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—The jcs:invoke() extension function supports the no-login-logout parameter in SLAX commit scripts. If you include the parameter, the function does not generate and log UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages when the script logs in as root to execute the specified remote procedure call (RPC). If you omit the parameter, the function behaves as in earlier releases in which the root UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages are included in system log files.

    [See invoke() Function (SLAX and XSLT).]

  • The jcs:invoke() function supports suppression of root login and logout events in system log files for SLAX event scripts (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—The jcs:invoke() extension function supports the no-login-logout parameter in SLAX event scripts. If you include the parameter, the function does not generate and log UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages when the script logs in as root to execute the specified remote procedure call (RPC). If you omit the parameter, the function behaves as in earlier releases in which the root UI_LOGIN_EVENT and UI_LOGOUT_EVENT messages are included in system log files.

    [See invoke() Function (SLAX and XSLT).]

Network Management and Monitoring

  • Support for specifying the YANG modules to advertise in the NETCONF capabilities and supported schema list (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—You can configure devices to emit third-party, standard, and Junos OS native YANG modules in the capabilities exchange of a NETCONF session by configuring the appropriate statements at the [edit system services netconf hello-message yang-module-capabilities] hierarchy level. In addition, you can specify the YANG schemas that the NETCONF server should include in its list of supported schemas by configuring the appropriate statements at the [edit system services netconf netconf-monitoring netconf-state-schemas] hierarchy level.

    [See hello-message and netconf-monitoring.]

Routing Protocols

  • Advertising /32 secondary loopback addresses to traffic engineering database as prefixes (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—We've made changes to export multiple loopback addresses to the lsdist.0 and lsdist.1 routing tables as prefixes. This eliminates the issue of advertising secondary loopback addresses as router IDs instead of prefixes. In earlier releases, we added multiple secondary loopback addresses in the traffic engineering database to the lsdist.0 and lsdist.1 routing tables as part of node characteristics and advertised them as the router ID.

User Interface and Configuration

  • Verbose format option to export JSON configuration data (ACX Series, EX Series, MX Series, PTX Series, QFX Series, and SRX Series)—The Junos OS CLI exposes the verbose statement at the [edit system export-format json] hierarchy level. We changed the default format to export configuration data in JavaScript Object Notation (JSON) from verbose to ietf starting in Junos OS Release 16.1R1. You can explicitly specify the default export format for JSON configuration data by configuring the appropriate statement at the [edit system export-format json] hierarchy level. Although the verbose statement is exposed in the Junos OS CLI as of the current release, you can configure this statement starting in Junos OS Release 16.1R1.

    [See export-format.]

What’s Changed in 20.1R2 Release

Class of Service (CoS)

  • We've corrected the output of the "show class-of-service interface | display xml" command. Output of the following sort:

    <container>

    <leaf-1> data </leaf-1> <leaf-2> data </leaf-2> <leaf-3> data </leaf-3> <leaf-1> data </leaf-1> <leaf-2> data </leaf-2> <leaf-3> data </leaf-3> </container> will now appear correctly as: <container> <leaf-1> data </leaf-1> <leaf-2> data </leaf-2> <leaf-3> data </leaf-3></container> <container> <leaf-1> data </leaf-1> <leaf-2> data </leaf-2> <leaf-3> data </leaf-3> </container>.

General Routing

  • Displaying accurate aggregate drop statistics (MX Series)—You can view the accurate aggregate drop statistics when a packet drop is seen on an aggregated Ethernet interface by using the show interfaces extensive command. In earlier releases, the show interfaces extensive command did not display accurate aggregate drop statistics. Only the individual aggregate child interface displayed accurate drop statistics.

  • Trigger alarms when a PTX10008 or PTX10016 router has a mix of AC and DC power supplies—If you install a mix of AC and DC power supply units (PSUs), Junos OS raises an alarm to indicate that there is a mix of AC and DC power supplies in the router. To fix this alarm, you need to ensure that you install the same type of power supplies.

    [See Understanding Chassis Alarms.]

  • Control plane DDoS protection packet type option for ARP traffic (PTX Series and QFX Series)—Starting in this release, we've renamed the arp-snoop packet type option in the edit system ddos-protection protocols arp protocol group to arp. This packet type option enables you to change the default control plane distributed denial-of-service (DDoS) protection policer parameters for ARP traffic.

    [See protocols (DDoS).]

Juniper Extension Toolkit (JET)

  • Set the trace log to only show error messages (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series)—You can set the verbosity of the trace log to only show error messages using the error option at the edit system services extension-service traceoptions level hierarchy.

    [See traceoptions (Services).]

MPLS

  • Change in auto bandwidth adjustment (PTX5000)—If auto bandwidth adjustment fails because of bandwidth unavailable error, the router tries to bring up the LSP with the same bandwidth during the subsequent reoptimization. In earlier releases, when the auto bandwidth adjustment fails, the current bandwidth is reset to the bandwidth that was already active.

    [See rsvp-error-hold-time.]

What’s Changed in 20.1R1 Release

There are no changes in behavior and syntax for EX Series in Junos OS Release 20.1R1.

Known Limitations

Learn about known limitations in this release for PTX Series routers.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • PTX Series platforms with the FPC-PTX-P1-A or FPC2-PTX-P1A line card might encounter a single event upset (SEU) event that can cause a linked-list corruption of the TQCHIP. The following syslog message is reported: Jan 9 08:16:47.295 router fpc0 TQCHIP1: Fatal error pqt_min_free_cnt is zero Jan 9 08:16:47.295 router fpc0 CMSNG: Fatal ASIC error, chip TQ Jan 9 08:16:47.295 router fpc0 TQ Chip::FATAL ERROR!! from PQT free count is zero jan 9 08:16:47.380 router alarmd[2427]: Alarm set: FPC color=RED, class=CHASSIS, reason=FPC 0 Fatal Errors - TQ Chip Error code: 0x50002 Jan 9 08:16:47.380 router craftd[2051]: Fatal alarm set, FPC 0 Fatal Errors - TQ Chip Error code: 0x50002 Junos OS chassis management error handling does detect such condition, and raises an alarm and performs the disable-pfe action for the affected Packet Forwarding Engine entity. To recover this Packet Forwarding Engine entity, a restart of the FPC is needed. Soft errors are transient or non-recurring. FPCs experiencing such SEU events do not have any permanent damage. Contact your Juniper support representative if the issue is seen after a FPC restart. PR1254415

  • In the specific case of semigraceful RCB reboot initiated by the internal shell command vhclient init 0, GRES takes longer than 3 minutes to complete as opposed to 21 seconds. As a workaround, the CLI command request vmhost reboot (graceful) and plugging out and plugging in the Routing Engine (ungraceful) do not exhibit this delay. PR1312065

  • When a filter is attached in the outbound direction, GRE encapsulated headers are applied after the filter block in the egress direction. So in this case, it is possible that the filter is evaluated on an old header content (and not on the new GRE encapsulated header) and hence filter evaluation turns true and the new GRE encapsulated gets recirculated for another GRE encapsulation. This issue is difficult to fix as filter block evaluation happens before the new header is attached. PR1465837

  • All multipath legs are not created in the presence of destination networks 0/0 and toggling between the BGP signal and IP-IP. PR1467022

  • For scaled Macs, as per the current design, the learn rate is expected. PR1473334

  • During reconfigurations/link events at the physical interface level, pe.ipw.misc_int.status:iq_disabled interrupts can be seen. These do not indicate impact to traffic. PR1476553

  • PTX1000/PTX10000 platform count MPLS header also in packet length where as MX does not include it when acting in egress PE role. So we see difference in byte accounting in both platforms corresponding to the length of MPLS label stack received with the packet. PR1482408

MPLS

  • Increasing ECMP from 64 to 128 may cause the ingress LSP setup rate to be lower due to increased number of next-hop changes for the IGP routes using a shortcut. PR1421976

  • LDP session might drop during the FRR if the maxecmp is configured to 128 and LDP/IGP has more than 64 RSVP LSP next hops and LDP tunneling is configured on those next hops. PR1430361

  • On all Junos OS platforms with distributed CSPF under SR-TE scenario, if you execute some operations such as deactivate or activate SR protocols, restart routing, and so on, rpd crash might be observed. PR1493721

Open Issues

Learn about open issues in Junos OS Release 20.1R3 release for PTX Series routers.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

General Routing

  • When CFP2-DCO-T-WDM-1 is plugged in a PTX Series PIC, after FPC restarts, the carrier frequency offset TCA is raised even when TCA is not enabled. PR1301471

  • On 30-Port MACSec linecard (LC1101-M - 30C / 30Q / 96X) of PTX10000 chassis, under certain circumstances, when exclude-protocol lacp configuration statement under [edit security macsec connectivity-association connectivity-association-name] hierarchy level is deleted or deactivated, the LACP protocol "Mux State" shown under the output of the show lacp interface CLI command might remain as "attached" or "detached" and might not move to "distributing" state. PR1331412

  • The QFX10000 platform drops the Aruba wireless access point (AP) heartbeat packets. As a result, the Aruba wireless AP cannot work. PR1352805

  • Traffic loss is greater than 50 milliseconds (in order of 200 to 300 milliseconds) for IP routes pointing to unilist of composites with indirect next hops during a link down scenario. In this case, Packet Forwarding Engine do not local repair and will wait for the rpd to install the new next hops. PR1383965

  • Due to transient hardware condition, single-bit error (SBE) events are corrected and have no operational impact. Reporting of those events had been disabled to prevent alarms and possibly unnecessary hardware replacements. This change applies to all platforms using hybrid memory controller (HMC). PR1384435

  • On routers and switches running Junos OS, with Link Aggregation Control Protocol (LACP) enabled, deactivating a remote aggregated Ethernet (AE) member link makes the local member link move to LACP detached state and cause traffic drops on that member link. The same scenario applied when a new member link is added where the other end of that link is not configured with LACP. PR1423707

  • The em2 interface configuration causes FPC to crash during initialization and FPC does not come online. After deleting the em2 configuration and restarting the router, FPC comes online. PR1429212

  • Memory leaks are expected in this release. PR1438358

  • When users configure the best destination network with dyn-tunnel-attribute-policy and preference, the tunnel from the old destination network are not migrated. PR1462805

  • During reconfigurations or link events at the physical interface level, pe.ipw.misc_int.status:iq_disabled interruption is seen. These do not indicate impact to traffic. PR1476553

  • The Layer 2 VPN (L2VPN) on PTX Series with asynchronous-notification might keep flapping when the link is going up between PE and CE devices. After Layer 2 VPN flap, the interfaces which are set "asynchronous-notification" might show "- Inf dBm" laser output power even when the L2VPN status is up. PR1486181

  • In strict priority scheduling mode, medium-high and medium-low are seen to be operating on the same priority. PR1490505

  • Junos Telemetry GRPC multi sensors are not working as expected. PR1492282

  • When show interfaces aex extensive statement is synchronized and SNMP polling queries are asynchronized on aggregated Ethernet interface in parallel, you might observe spikes in aggregated Ethernet interface framing errors counter in between correct values. PR1539537

  • IS-IS over Layer 2 circuit might not come up if the encapsulation is TCC. PR1590387

Infrastructure

  • On PTX Series platform the harmless log of "invalid SMART checksum" might be seen when performing software upgrade to specific releases (for example, Junos OS Releases 15.1F5-S3, 15.1F6-S1, 15.1F7, 15.1R4-S3, 15.1R5, 16.1R1, 16.1R2, 16.2R1). PR1222105

  • Memory corruption of a binary from /usr/bin/ or /usr/sbin/ directory can occur if such binary is invoked when a recovery snapshot creation is in progress. The exact symptoms will be different depending on the exact binary and Junos OS version - some programs will show an error, and some programs will crash every time it is executed. Such memory corruption will be persistent until the affected Routing Engine is restarted. Refer to TSB17954 for more details. PR1563647

MPLS

  • At high scale, LSP setup rate will be relatively slower in IP-in-IP networks. PR1457992

Routing Protocols

  • With bidirectional forwarding detection (BFD) configured on an aggregated Ethernet interface, if you disable/enable the aggregated Ethernet interface, then that interface and the BFD session might not come up. PR1354409

  • The show dynamic-tunnels database command does not show the current value of traffic statistics. It shows the cache value of traffic statistics, which might not be equal to the current value. PR1445705

  • With NSR enabled, the current BGP design support 3000 BGP IPv6 peers or 8000 BGP IPv4 peers. When you are trying to bring up more than 3000 BGP IPv6 sessions or more than 8000 BGP IPv4 sessions, the rpd might crash. PR1461436

Resolved Issues

Learn which issues were resolved in this release for PTX Series.

For the most complete and latest information about known Junos OS defects, use the Juniper Networks online Junos Problem Report Search application.

Resolved Issues: 20.1R3

Forwarding and Sampling

  • The l2ald process might crash because of the next hop issue in the EVPN-MPLS. PR1548124

General Routing

  • Delay in disabling Packet Forwarding Engine might be seen on PTX Series devices with PECHIP equipped FPCs inserted. PR1481879

  • The SNMP index in the Packet Forwarding Engine reports as 0, causing sFlow to report either IIF or OIF (not both) as 0 in the sFlow record data at the collector. PR1484322

  • On PTX10008, FPC UKERN core file is not transferred to Routing Engine in scaled setup. PR1500418

  • Error messages t6e_dfe_tuning_state:et-6/0/0 - Failed to dfe tuning count 10 might be seen after links flap. PR1512919

  • Packet drop might be seen with all commit events with 1G speed configured interface PR1524614

  • The chassisd memory leak might cause traffic loss. PR1537194

  • Observed the error message expr_dfw_action_topo_connect_anh:1434 expr_dfw_action_topo_connect_anh:eda_anh_discard is FALSE for nh-id 568 - return in PTX1000. PR1540064

  • The Packet Forwarding Engine might crash in MPLS IPv6-tunneling scenario when the next hop changes. PR1540793

  • Junos OS: PTX Series: Denial of Service in packet processing due to heavy route churn when J-Flow sampling is enabled (CVE-2021-0263). PR1546143

  • Traffic might get discarded after swapping an FPC type 3 card with an FPC type 1 card in the same slot on a PTX3000 router. PR1547790

  • The rpd crash might be seen when the BGP service route is resolved over the color-only SR-TE policy. PR1550736

  • The interface filter with source-port 0 matches everything instead of port 0. PR1551305

  • The LCMD process might consume memory until all the free memory available to VMHOST gets exhausted. PR1555386

  • An enhancement to enable watchdog petting log on PTX10000 line cards. PR1561980

  • TACACS traffic might be dropped. PR1578579

  • Failed to get pechip handle for chip 0 and prds_encap_sample_flood_lpbk_desc_install: Egress NH descriptor install OK for Flabel 7808 errors are seen during bringup. PR1585594

Infrastructure

  • Interface drop counters might display 0 during a race condition when voq statistics are also polled simultaneously. PR1537960

  • Invalid statistics value might be observed when multiple mib2d/cosd requests for the same IFD arrive within 1 second. PR1541579

  • The kernel crash with core file might be seen if churn happens for a flood composite next hop. PR1548545

Interfaces and Chassis

  • Logs are not written in /var/log/messages on certain PTX Series routers running Junos Evolved. PR1551374

Multicast

  • FPC might crash in a multicast scenario. PR1569957

Network Management and Monitoring

  • The mib2d process crashes and generates a core file on backup Routing Engine. PR1557384

Platform and Infrastructure

  • The BGP session replication might fail to start after the session crashes on the backup Routing Engine. PR1552603

  • FPC might crash in a scaled-firewall configuration. PR1586817

Routing Policy and Firewall Filters

  • Generated route goes to the hidden state when the protect core command is enabled. PR1562867

Routing Protocols

  • The BGP RPKI ROA withdrawal might lead to an unexpected BGP route flap. PR1483097

  • The rpd might crash with BGP RPKI enabled in a race condition. PR1487486

  • Traffic might be silently discarded when the BGP route gets deleted, which is part of multipath. PR1514966

  • The rpd process generates the core file at gp_rtarget_tsi_update,bgp_rtarget_flash_rt,bgp_rtarget_flash. PR1541768

  • BGP LU session flap might be seen with AIGP used scenario. PR1558102

User Interface and Configuration

  • Any change in the nested groups might not be detected on commit and does not take effect. PR1484801

Resolved Issues: 20.1R2

General Routing

  • On the PTX10008 and PTX5000 routers, the output of the show filter index number counter command shows value as zero at 28-02-HOSTBOUND_NDP_DISCARD_TERM. PR1420057

  • The show snmp mib walk jnxContentsDescr command output does not display the fan controllers. PR1455640

  • PHP device has Nnext-hop misprogramming for members of ECMP for SR label route used for reaching IPv6 destinations. PR1457230

  • Interface statistics might not get updated for the local-loopback test. PR1458814

  • PTX1000 and PTX10002 routers might drop packets after transient SIB or FPC voltage alarms. PR1460406

  • On the PTX5000 routers, for the FPC3 line card, the optics-options syslog and link-down do not work as expected. PR1461404

  • On the PTX10000 routers, FPCs might restart during runtime. PR1464119

  • The router might become nonresponsive and bring the traffic down when the disk space becomes full. PR1470217

  • A PTX5000 SIB3 might fail to come up in slot 0 and/or slot 8 when Routing Engine 1 is the primary Routing Engine. PR1471178

  • Sampling process on FPC might crash when the MPLS traffic is sampled. PR1477445

  • Multicast routes add or delete events might cause adjacency and LSPs to go down. PR1479789

  • FPC might crash when dealing with invalid next hops. PR1484255

  • BCM8238X SerDes firmware did not complete tuning; this might generate a false positive alarm. PR1491142

  • BFD sessions start to flap when the firewall filter in loopback0 is changed. PR1491575

  • PTX Series: Kernel routing table (KRT) queue stuck after J-Flow sampling of a malformed packet (CVE-2020-1679). PR1495788

  • Outbound SSH connection flap or memory leak issue might be observed when pushing the configuration to the ephemeral database at a high rate. PR1497575

  • The following error message is observed: PFE_ERROR_FAIL_OPERATION: IFD et-1/0/8: RS credits failed to return: init=192 curr=193 chip=5. PR1502716

  • On the PTX10008 and PTX10016 routers, a few TCP-based application sessions might flap upon Routing Engine switchover or application sessions bouncing in the backup Routing Engine. PR1503169

  • On the PTX3000 or PTX5000 router, unable to bring the ports up when plugging in the optic QSFP-100G-LR4-T2(740-061409). PR1511492

  • The routes update might fail because of the HMC memory issue, and traffic impact might be seen. PR1515092

  • Sampling with the rate limiter command enabled, crosses the sample rate 65,535. PR1525589

Interfaces and Chassis

  • The following error message is observed: Request failed: OID not increasing: ieee8021CfmStackServiceSelectorType. PR1517046

  • EOAM IEEE802.3ah link discovery state is "Down" instead of "Active Send Local" after deactivating interfaces on routers. PR1532979

MPLS

  • BGP session flap between two directly connected BGP peers because of the incorrect TCP-MSS in use. PR1493431

  • The rpd process might crash in a rare condition in an SR-TE scenario. PR1493721

  • The SNMP trap is sent with the incorrect OID jnxSpSvcSetZoneEntered. PR1517667

Routing Protocols

  • The ppmd process crashes after configuring the S-BFD responder on the PTX Series routers with RE-DUO-2600. PR1477525

  • The BGP multipath traffic might not fully load-balance for a while after adding a new path for load sharing. PR1482209

  • The BGP route target family might prevent the route reflector from reflecting Layer 2 VPN and Layer 3 VPN routes. PR1492743

  • The rpd might report 100 percent CPU usage with BGP route damping enabled. PR1514635

Resolved Issues: 20.1R1

Forwarding and Sampling

  • The pfed might crash and be unable to come up on the PTX Series or TVP platforms. PR1452363

General Routing

  • PTX Series interface stays down after maintenance. PR1412126

  • Telemetry statistics might not account correctly when IS-IS sensors are enabled and the route next hops are ae interfaces. PR1413680

  • LACP packet does not pass through Layer 2 circuit. PR1424553

  • Interface does not come up after interface flapping and FPC reboot. PR1428307

  • Reclassification policy applied on the route prefixes might not work on PTX Series platforms. PR1430028

  • The l2cpd process might crash and generate a core file when interfaces are flapping. PR1431355

  • The FPC might crash when a firewall filter is modified. PR1432116

  • Unable to change DDoS protocol TTL values under PTX10000. PR1433259

  • Upgrading fails due to communication failure between Junos VM and the host OS. PR1438219

  • Packet loss might be seen if IPoIP or MPLS-over-UDP dynamic tunnels with ECMP are configured. PR1446132

  • Changing the hostname triggers an on-change notification, not an adjacency on-change notification. Also, currently IS-IS is sending the hostname instead of the system ID in OC paths. PR1449837

  • JNP10K-LC2101 FPC generates the "Voltage Tolerance Exceeded" major alarm for EACHIP 2V5 sensors. PR1451011

  • The 100-Gbps interface might not come up after flapping on PTX5000. PR1453217

  • Traffic might be dropped on PTX Series platforms. PR1459484

  • Silent dropping of traffic upon interface flapping after DRD auto-recovery. PR1459698

  • The "forwarding" option is missed in routing-instance type. PR1460181

  • Hardware failure in CB2-PTX causes traffic interruption. PR1460992

  • The sample, syslog, or log action in output firewall filters for packets of size less than 128 bytes might cause an ASIC wedge (all packet loss) on PTX Series platforms. PR1462634

  • PIC might restart if the temperature of QSFP optics is overheated on PTX3000 or PTX5000. PR1462987

  • An FPC might restart during runtime on PTX10000 or QFX10000 lines of devices. PR1464119

  • Continuous MACsec-wedge-cleared logs might be seen and LACP flapping might happen with 100% line-rate traffic or near line rate traffic in the MACsec line card. PR1466481

  • EBUF parity interrupt is not seen on PTX Series routers or the QFX10000 line of switches. PR1466532

  • IPv6 traffic might get dropped in a Layer 3 VPN network. PR1466659

  • Packet Forwarding Engine error logs (prds_packet_classify_notification: Failed to find fwd nh for flabel 48) might be reported when IGMP packets get sampled on the PTX5000 platform. PR1466995

  • Optics measurements might not be streamed for interfaces of a PIC over JTI. PR1468435

  • Incorrect counter value for Arrival rate and Peak rate for DDoS commands. PR1470385

  • Traffic loops for pure Layer 2 packets coming over an EVPN tunnel with the destination MAC address matching the IRB MAC address. PR1470990

  • The input-vlan-map or output-vlan-map might not work properly in a Layer 2 circuit local-switching scenario. PR1474876

Infrastructure

  • The kernel crashes when removing a mounted USB storage device while a file is being copied to it. PR1425608

  • Slow response from SNMP might be observed after an upgrade to Junos OS Release 19.2R1 and later. PR1462986

Interfaces and Chassis

  • After member interface flapping, the aggregated Ethernet remains down on the 5-port 100-Gigabit Ethernet DWDM CFP2-ACO PIC. PR1429279

Layer 2 Ethernet Services

  • Member links state might be asychronized on a connection between the PE and CE devices in EVPN A/A scenario. PR1463791

MPLS

  • Kernel crash and device restart might happen. PR1478806

Routing Protocols

  • SSH login might fail if a user account exists in both local database and RADIUS or TACACS+. PR1454177

  • The other querier present interval timer cannot be changed in an IGMP/MLD snooping scenario. PR1461590

  • The rpd process might crash with BGP multipath and route withdrawal occasionally. PR1481589

Documentation Updates

This section lists the errata and changes in Junos OS Release 20.1R1 documentation for the PTX Series.

Dynamic Host Configuration Protocol (DHCP)

  • Introducing DHCP User Guide—Starting in Junos OS Release 20.1R1, we are introducing the DHCP User Guide for Junos OS routing, switching, and security platforms. This guide provides basic configuration details for your Junos OS device as DHCP Server, DHCP client, and DHCP relay agent.

    [See DHCP User Guide.]

Migration, Upgrade, and Downgrade Instructions

This section contains the procedure to upgrade Junos OS, and the upgrade and downgrade policies for Junos OS for the PTX Series. Upgrading or downgrading Junos OS might take several hours, depending on the size and configuration of the network.

Basic Procedure for Upgrading to Release 20.1

When upgrading or downgrading Junos OS, use the jinstall package. For information about the contents of the jinstall package and details of the installation process, see the Installation and Upgrade Guide. Use other packages, such as the jbundle package, only when so instructed by a Juniper Networks support representative.

Note

Back up the file system and the currently active Junos OS configuration before upgrading Junos OS. This allows you to recover to a known, stable environment if the upgrade is unsuccessful. Issue the following command:

Note

The installation process rebuilds the file system and completely reinstalls Junos OS. Configuration information from the previous software installation is retained, but the contents of log files might be erased. Stored files on the router, such as configuration templates and shell scripts (the only exceptions are the juniper.conf and ssh files), might be removed. To preserve the stored files, copy them to another system before upgrading or downgrading the routing platform. For more information, see the Installation and Upgrade Guide.

Note

We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

To download and install Junos OS Release 20.1R1:

  1. Using a Web browser, navigate to the All Junos Platforms software download URL on the Juniper Networks webpage:

    https://support.juniper.net/support/downloads/

  2. Select the name of the Junos OS platform for the software that you want to download.
  3. Select the release number (the number of the software version that you want to download) from the Release drop-down list to the right of the Download Software page.
  4. Select the Software tab.
  5. In the Install Package section of the Software tab, select the software package for the release.
  6. Log in to the Juniper Networks authentication system by using the username (generally your e-mail address) and password supplied by Juniper Networks representatives.
  7. Review and accept the End User License Agreement.
  8. Download the software to a local host.
  9. Copy the software to the routing platform or to your internal software distribution site.
  10. Install the new jinstall package on the router.Note

    We recommend that you upgrade all software packages out of band using the console because in-band connections are lost during the upgrade process.

    All customers except the customers in the Eurasian Customs Union (currently composed of Armenia, Belarus, Kazakhstan, Kyrgyzstan, and Russia) can use the following package:

    user@host> request system software add validate reboot source/junos-install-ptx-x86-64-20.1R1.9.tgz

    Customers in the Eurasian Customs Union (currently composed of Armenia, Belarus, Kazakhstan, Kyrgyzstan, and Russia) can use the following package (limited encryption Junos OS package):

    user@host> request system software add validate reboot source/junos-install-ptx-x86-64-20.1R1.9-limited.tgz

    Replace the source with one of the following values:

    • /pathname—For a software package that is installed from a local directory on the router.

    • For software packages that are downloaded and installed from a remote location:

      • ftp://hostname/pathname

      • http://hostname/pathname

      • scp://hostname/pathname

    The validate option validates the software package against the current configuration as a prerequisite to adding the software package to ensure that the router reboots successfully. This is the default behavior when the software package being added is a different release.

    Adding the reboot command reboots the router after the upgrade is validated and installed. When the reboot is complete, the router displays the login prompt. The loading process might take 5 to 10 minutes.

    Rebooting occurs only if the upgrade is successful.

Note

You need to install the Junos OS software package and host software package on the routers with the RE-PTX-X8 Routing Engine. For upgrading the host OS on this router with VM Host support, use the junos-vmhost-install-x.tgz image and specify the name of the regular package in the request vmhost software add command. For more information, see the VM Host Installation topic in the Installation and Upgrade Guide.

Note

After you install a Junos OS Release 20.1jinstall package, you cannot return to the previously installed software by issuing the request system software rollback command. Instead, you must issue the request system software add validate command and specify the jinstall package that corresponds to the previously installed software.

Note

Most of the existing request system commands are not supported on routers with RE-PTX-X8 Routing Engines. See the VM Host Software Administrative Commands in the Installation and Upgrade Guide.

Upgrade and Downgrade Support Policy for Junos OS Releases

Support for upgrades and downgrades that span more than three Junos OS releases at a time is not provided, except for releases that are designated as Extended End-of-Life (EEOL) releases. EEOL releases provide direct upgrade and downgrade paths—you can upgrade directly from one EEOL release to the next EEOL release even though EEOL releases generally occur in increments beyond three releases.

You can upgrade or downgrade to the EEOL release that occurs directly before or after the currently installed EEOL release, or to two EEOL releases before or after. For example, Junos OS Releases 17.4, 18.1, and 18.2 are EEOL releases. You can upgrade from Junos OS Release 17.1 to Release 17.2 or from Junos OS Release 17.1 to Release 17.3. However, you cannot upgrade directly from a non-EEOL release that is more than three releases ahead or behind.

To upgrade or downgrade from a non-EEOL release to a release more than three releases before or after, first upgrade to the next EEOL release and then upgrade or downgrade from that EEOL release to your target release.

For more information about EEOL releases and to review a list of EEOL releases, see https://support.juniper.net/support/eol/software/junos/.

Upgrading a Router with Redundant Routing Engines

If the router has two Routing Engines, perform a Junos OS installation on each Routing Engine separately to avoid disrupting network operation as follows:

  1. Disable graceful Routing Engine switchover (GRES) on the master Routing Engine and save the configuration change to both Routing Engines.

  2. Install the new Junos OS release on the backup Routing Engine while keeping the currently running software version on the master Routing Engine.

  3. After making sure that the new software version is running correctly on the backup Routing Engine, switch over to the backup Routing Engine to activate the new software.

  4. Install the new software on the original master Routing Engine that is now active as the backup Routing Engine.

For the detailed procedure, see the Installation and Upgrade Guide.